Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

use IsDevelopment #1081

Merged
merged 6 commits into from
Apr 19, 2024
Merged

use IsDevelopment #1081

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
b27ce10
use IsDevelopment
Rick-Anderson Apr 17, 2024
9394885
use IsDevelopment
Rick-Anderson Apr 18, 2024
c7eec94
use IsDevelopment
Rick-Anderson Apr 18, 2024
6478076
use IsDevelopment
Rick-Anderson Apr 18, 2024
464d89b
use IsDevelopment
Rick-Anderson Apr 18, 2024
6f5f220
use IsDevelopment
Rick-Anderson Apr 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions examples/AspNetCore/OData/ODataOpenApiExample/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,15 +80,17 @@

var app = builder.Build();

// Configure the HTTP request pipeline.
// Configure HTTP request pipeline.

if ( app.Environment.IsDevelopment() )
{
// navigate to ~/$odata to determine whether any endpoints did not match an odata route template
// Access ~/$odata to identify OData endpoints that failed to match a route template.
app.UseODataRouteDebug();
}

app.UseSwagger();
if ( app.Environment.IsDevelopment() )
{
Comment on lines 85 to +93
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@commonsensesoftware should I move app.UseSwagger(); up so I only need one
if ( app.Environment.IsDevelopment() )
block

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Less blocks would be good so I don't have a problem with that. Is the established practice to disable OpenAPI docs and the Swagger UI outside of Debug? It's more for my edification.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where'd we land on this? Leave it on the outside or move it inside so it's only for development? I'm not sure the practice here. Everything else looks good. If you're happy with this, then I'll merge it. 😉

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the established practice to disable OpenAPI docs and the Swagger UI outside of Debug? It's more for my edification.

General best practice is to disable UIs that might be susceptible to a web security issues (leaked creds, XSS, etc.) outside of development. The generated JSON is fine to enable in production and, in fact, might be necessary for certain integration scenarios (e.g. client generators, OpenAI plugins, API management front-ends).

app.UseSwaggerUI(
options =>
{
Expand All @@ -102,6 +104,7 @@
options.SwaggerEndpoint( url, name );
}
} );
}

app.UseHttpsRedirection();
app.UseAuthorization();
Expand Down
6 changes: 4 additions & 2 deletions examples/AspNetCore/OData/SomeODataOpenApiExample/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,9 @@
// Configure the HTTP request pipeline.

app.UseSwagger();
app.UseSwaggerUI(
if ( app.Environment.IsDevelopment() )
{
app.UseSwaggerUI(
options =>
{
var descriptions = app.DescribeApiVersions();
Expand All @@ -77,7 +79,7 @@
options.SwaggerEndpoint( url, name );
}
} );

}
app.UseHttpsRedirection();
app.UseAuthorization();
app.MapControllers();
Expand Down
26 changes: 14 additions & 12 deletions examples/AspNetCore/WebApi/MinimalOpenApiExample/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -264,18 +264,20 @@
.Produces( 400 );

app.UseSwagger();
app.UseSwaggerUI(
options =>
{
var descriptions = app.DescribeApiVersions();

// build a swagger endpoint for each discovered API version
foreach ( var description in descriptions )
if ( app.Environment.IsDevelopment() )
{
app.UseSwaggerUI(
options =>
{
var url = $"/swagger/{description.GroupName}/swagger.json";
var name = description.GroupName.ToUpperInvariant();
options.SwaggerEndpoint( url, name );
}
} );
var descriptions = app.DescribeApiVersions();

// build a swagger endpoint for each discovered API version
foreach ( var description in descriptions )
{
var url = $"/swagger/{description.GroupName}/swagger.json";
var name = description.GroupName.ToUpperInvariant();
options.SwaggerEndpoint( url, name );
}
} );
}
app.Run();
5 changes: 4 additions & 1 deletion examples/AspNetCore/WebApi/OpenApiExample/Program.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,9 @@
// Configure the HTTP request pipeline.

app.UseSwagger();
app.UseSwaggerUI(
if ( app.Environment.IsDevelopment() )
{
app.UseSwaggerUI(
options =>
{
var descriptions = app.DescribeApiVersions();
Expand All @@ -70,6 +72,7 @@
options.SwaggerEndpoint( url, name );
}
} );
}

app.UseHttpsRedirection();
app.UseAuthorization();
Expand Down
Loading